msm8916: Add selinux-policy to make boot_control work in update_engine.brillo-m7-mr-dev brillo-m7-dev

The msm8916 boot_control implementation modifies the partition table when managing A/B. BUG=24675877 Change-Id: I649c9193b3f7a0d5c83b7959b9b54fcb7a00997e
author: David Zeuthen <zeuthen@google.com> 2015-11-09 14:00:31 -0500
committer: Lee Campbell <leecam@google.com> 2015-11-11 11:32:46 -0800
commit: 5797cd6a226d12400212056f9c4a632b063bdf4c (patch)
tree: c7dabd60a5c3c98a6af46d96567bdb1b25ba6439
parent: b602f27783b4a639daaad9277243ee2ed8e3df16 (diff)
download: qcom-brillo-m7-mr-dev.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/soc/msm8916/sepolicy/update_engine.te b/soc/msm8916/sepolicy/update_engine.te
new file mode 100644
index 0000000..2bb5061
--- /dev/null
+++ b/soc/msm8916/sepolicy/update_engine.te
@@ -0,0 +1,7 @@
+# This file contains msm8916-specific SELinux policy for
+# update_engine. For the main update_engine policy, see
+# external/sepolicy/update_engine.te
+
+# Allow read/write on whole disk. This is needed because the msm8916
+# boot_control HAL modifies the partition table when managing A/B.
+allow update_engine mmc_block_device:blk_file rw_file_perms;
author	David Zeuthen <zeuthen@google.com>	2015-11-09 14:00:31 -0500
committer	Lee Campbell <leecam@google.com>	2015-11-11 11:32:46 -0800
commit	5797cd6a226d12400212056f9c4a632b063bdf4c (patch)
tree	c7dabd60a5c3c98a6af46d96567bdb1b25ba6439
parent	b602f27783b4a639daaad9277243ee2ed8e3df16 (diff)
download	qcom-brillo-m7-mr-dev.tar.gz